Active Directory
Rationale
The current University of Florida computing environment includes a wide range of servers, desktop and laptop computers, printers and other computing resources, spread across many distributed computing systems. These systems typically do not share resources and enable work between systems.
Computer accounts can be created that may not be attributed to people - that is, it may be unclear who is responsible for a computer account. Conversely, we are unable to determine which accounts belong to any particular individual. When a person leaves UF, we are unable to assure that computer access to all systems has been transitioned appropriately.
Faculty, staff and students using these environments are unable to easily share resources across unit boundaries - files and folders, printers and calendars are locally defined and managed. A person can not move from one unit to another and continue to work without having their computer environment deconstructed and reconstructed in the new location. People who work across units are confronted with disparate systems and multiple usernames and passwords.
System administrators in these environments replicate each others work on a regular basis, performing the same tasks repeatedly at a local level without an ability to distribute the results of their work more broadly. In 1999, Microsoft introduced Active Directory as a unifying technology for bringing distributed computing environments together for the purpose of sharing resources and information. Active Directory provides a means for storing information about people, computers, other computing resources, and computing policies. Computing policies are rules that determine how computing resources can be used.
In 2001, a group of UF system administrators formed a working group to consider how Active Directory could be implemented at the university. By 2002, they had produced a vision statement. This project was initiated in November of 2002. Following its initial conception, a consulting firm, Dimension Data was commissioned to do an initial macro design and migration plan of a campus wide Active Directory. Active Directory will be fully integrated with other university directory activities. In March of 2003 an Active Directory project lead position was hired.
Goals
- Identify requirements for Active Directory at the University of Florida.
- Design UF Active Directory to meet requirements.
- Establish UF Active Directory and provide services according to design.
- Develop a migration method for attachment of existing Windows resources to UF Active Directory.
- Execute the method by attaching the resources of two or three volunteer units to UF Active Directory.
- Transfer knowledge throughout the project to UF staff enabling on-going operation, administration and adoption of UF Active Directory.
Project Sponsor
Contacts
- Project Lead: Erik Schmidt
- Technical Lead: Mike Kanofsky
- Technical Staff: Dwight Jesseman
- Technical Staff: Michael j. Buchholz
Impact
The purpose of this project is to enable UF faculty, staff and students to:
- Have accounts attributed to identity
- Provide single sign-on to both local and university computing environments
- Use authoritative sources of directory information
- Use desktop computers in more than one unit
- Share resources, including files, printers, calendars
- Increase the security of systems at UF Active Directory Implementation Page 5
- Simplify the management of local environments at UF
Presentations | |
| June 20, 2003, UFAD-Charter | May 12, 2006, Architectural Design |
|---|---|
|
|
| [download] [view] | [download] [ view] |
